Hello,

 

I am trying to solve a mystery. We have 2 replicated FreeIPA servers.

Today they both stopped receiving requests because the Directory Server
had begun to refuse connections.

The relevant message is "Not listening for new connections - too many
fds open"

 

That's all well and good: I can increase the file descriptor allowance.

However, the reason the fds limit was reached was a massive number of
connections from the servers themselves.

Can someone provide me with an idea for what this might be?

 

We received 1024 connections in under 1 second: Here is an example
dirsrv access log entry:

 

[22/Oct/2009:12:29:53 +0200] conn=679021 fd=464 slot=464 connection from
127.0.0.1 to 127.0.0.1

[22/Oct/2009:12:29:53 +0200] conn=679021 op=0 BIND
dn="uid=kdc,cn=sysaccounts,cn=etc,dc=live,dc=tipp

24,dc=net" method=128 version=3

[22/Oct/2009:12:29:53 +0200] conn=679021 op=0 RESULT err=0 tag=97
nentries=0 etime=0 dn="uid=kdc,cn=

sysaccounts,cn=etc,dc=live,dc=tipp24,dc=net"

 

 

Some final notes:

Both servers stopped one after the other. First server A, then 1 second
afterwards, server B.

 

I'm pretty stuck as to what might have caused this.

 

 

Cheers

Andy

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to